New: American Bar Association Formal Opinion 477

John McHugh

9 months ago

This is an extremely important opinion that every lawyer should stop and read today.
Bob Ambrogi, LawSitesBlog.com

On May 11, 2017, the American Bar Association issued Formal Opinion 477 regarding secure communication between lawyers and clients. This new recommendation, which weaves in the delicacies of internet and email security, replaces Formal Opinion 99-413 written in 1999 (obviously issued before a world that ran on email).

A lawyer generally may transmit information relating to the representation of a client over the internet without violating the Model Rules of Professional Conduct where the lawyer has undertaken reasonable efforts to prevent inadvertent or unauthorized access. However, a lawyer may be required to take special security precautions to protect against the inadvertent or unauthorized disclosure of client information when required by an agreement with the client or by law, or when the nature of the information requires a higher degree of security.

Different communications require different levels of protection, routine documents do not need protection, but with communications of sufficient sensitivity password protection and/or encryption may be required

Lawyer should analyze documents/communications to determine what degree of protection is warranted

Train Lawyer and non-lawyer Assistants in technology and information security

Conduct due diligence on vendors providing communication technology

Choose a solution with a spotless security record and easy-to-understand Terms of Service

What this means for lawyers today

The amendment puts a great focus on technology in the legal field. While ABA findings are advisory (rather than controlling), they do represent current thoughts on a given subject and will likely influence state bar Ethics opinions on encryption. As Jeff Krause pointed out at both LegalTech and ABA TECHSHOW this year, lawyers have an ethical responsibility to protect client communication and data.

This opinion sends a clear signal that law firms have to pay attention to security of email and other client communication. Most law firms have already determined that is the correct policy. I still suggest lawyers also read Texas Legal Ethics Opinion 648 in addition to this opinion.
Jim Calloway, LawPracticeTipsBlog.com